South Korean officials and experts on Friday expressed doubts that the North Korean hacking group Lazarus could be behind Obit’s multi-million dollar heistthe largest cryptocurrency platform in South Korea.
The modus operandi of theft About 44.5 billion won (30.4 million US dollars)Sources linked to the investigation told Yonhap, on condition of anonymity, that the attacks, including the possible takeover or spoofing of administrative accounts, coincide with attacks previously attributed to the group.
The government confirmed that the method used was similar to that used in the incident attributed to Lazarus in 2019, when 580 billion won ($396 million), also from Upbit, was stolen through unauthorized access to hot wallets — wallets permanently connected to the network.
The attackers used “hopping” and “confusing” techniques.Common maneuvers in operations linked to Lazarus and designed to make money difficult to trace, according to details provided to Yonhap.
Upbit Dunamu on Thursday confirmed the cyberattack, which it initially estimated at 54 billion won, before revising the figure to 44.5 billion won.
The company halted part of cryptocurrency transactions to avoid new violations He confirmed that he would cover the losses in full With its own assets and other containment measures.
The attack occurred On the same day that South Korean technology company Naver announced its acquisition of Dunamuowner of Upbit.
According to an expert cited by Yonhap, it is possible that the attackers chose the date out of a “desire to show off,” a common trait among some hacking groups.
Naver shares fell 4.55% after the theft was discovered.
The Financial Supervision Service (FSS), the South Korean Internet Security Agency (KISA) and other agencies are conducting open inspections of Upbit over the incident.
Lazarus is the most well-known cybercriminal group associated with the North Korean regime and it is Approved by several countriesAmong them is the United States, for its role in raising funds for Pyongyang with the aim of mitigating the impact of international sanctions on its weapons programs.
The group is known as Cyber attack on Sony Pictures in 2014 – Following the release of the film The Interview, which North Korea deemed offensive – resulting in economic losses and data leaks from Hollywood executives.
He has also been identified as responsible for the largest cryptocurrency theft carried out to date in a single attack, the exchange attack. BybitThey stole about $1.5 billion.
Additionally, it has been linked to cyberattacks against other platforms such as Bithumb, Youbit, and DMM Bitcoin.